[Samba] [samba] SMB encryption
Jeremy Allison
jra at samba.org
Fri Jun 3 16:15:35 UTC 2016
On Fri, Jun 03, 2016 at 02:23:23PM +0200, mathias dufresne wrote:
> Hi all,
>
> A - I thought badlock mitigation was about encrypting SMB traffic, at least
> most part of it. And this encryption of most part of data transfer could
> (or should) lower performances.
Well it's traffic signing, not encryption. The problem is traffic
signing prevents some of the zero-copy optimizations (sendfile/recvfile)
that are otherwise possible.
> It seems I was wrong: smallest part (something like commands) are encrypted
> but not SMB traffic (ie file transfer). This for SMB protocol prior to SMB3
> (which comes with windows 8).
>
> B - According to what I read, new options added into smb.conf with Samba
> versions meant to solve Badlock issue are enough by default to solve the
> issue.
>
> Is that true?
Well the options come with the complete patch, so you
can't separate the two.
More information about the samba
mailing list